<?php

class appserver_model_web extends dzf_base_model {
    protected $config = array();
    private static $initated;
    
    public function __construct() {
        parent::__construct();
        $this->webinit();
    }
    
    public function webinit() {
        if(!self::$initated) {
            $this->app = DZF::app();
            $this->config = &$this->app->config;
    
            $this->_init_env();
            $this->_init_input();
            $this->_init_output();
            
            $this->_init_db();
            $this->_init_user();
        }
        self::$initated = true;
    }
    
    private function _init_env() {
        if(PHP_VERSION < '5.3.0') {
            set_magic_quotes_runtime(0);
        }
        define('MAGIC_QUOTES_GPC', function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc());
        define('ICONV_ENABLE', function_exists('iconv'));
        define('MB_ENABLE', function_exists('mb_convert_encoding'));
        define('EXT_OBGZIP', function_exists('ob_gzhandler'));
    
        define('TIMESTAMP', time());
        if(function_exists('date_default_timezone_set')) {
            @date_default_timezone_set('Etc/GMT +0');
        }
    
        if(!defined('DISCUZ_CORE_FUNCTION') && !@include(APP_PATH.'include/function/core.php')) {
            exit('/include/function/core.php is missing');
        }
    
        if(function_exists('ini_get')) {
            $memorylimit = @ini_get('memory_limit');
            if($memorylimit && return_bytes($memorylimit) < 33554432 && function_exists('ini_set')) {
                ini_set('memory_limit', '128m');
            }
        }
    
        $superglobal = array(
            'GLOBALS' => 1,
            '_GET' => 1,
            '_POST' => 1,
            '_REQUEST' => 1,
            '_COOKIE' => 1,
            '_SERVER' => 1,
            '_ENV' => 1,
            '_FILES' => 1,
        );
        foreach ($GLOBALS as $key => $value) {
            if (!isset($superglobal[$key])) {
                $GLOBALS[$key] = null; unset($GLOBALS[$key]);
            }
        }
    }
    
    private function _init_input() {
        if (isset($_GET['GLOBALS']) ||isset($_POST['GLOBALS']) ||  isset($_COOKIE['GLOBALS']) || isset($_FILES['GLOBALS'])) {
            throw new Exception('request_tainting');
        }
    
        if(MAGIC_QUOTES_GPC) {
            $_GET = dstripslashes($_GET);
            $_POST = dstripslashes($_POST);
            $_COOKIE = dstripslashes($_COOKIE);
        }
    
        if($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST)) {
            $_GET = array_merge($_GET, $_POST);
        }
    
        if(!(!empty($_GET['handlekey']) && preg_match('/^\w+$/', $_GET['handlekey']))) {
            unset($_GET['handlekey']);
        }
    }
    
    private function _init_output() {
        if(!empty($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') === false) {
            $this->config['output']['gzip'] = false;
        }
    
        $allowgzip = $this->config['output']['gzip'] && $this->app->request()->getAjax() && EXT_OBGZIP;
    
        if(!ob_start($allowgzip ? 'ob_gzhandler' : null)) {
            ob_start();
        }
    
        define('CHARSET', $this->config['output']['charset']);
        if($this->config['output']['forceheader']) {
            @header('Content-Type: text/html; charset='.CHARSET);
        }
    
    }
    
    private function _init_db() {
        $driver = function_exists('mysql_connect') ? 'dzf_db_mysql' : 'dzf_db_mysqli';
        if($this->config['db']['slave']) {
            $driver = function_exists('mysql_connect') ? 'dzf_db_mysql_slave' : 'dzf_db_mysqli_slave';
        }
        dzf_base_database::init($driver, $this->config['db']);
    }
    
    private function _init_user() {
        if($auth = $this->getcookie('auth')) {
            $auth = dzf_base_security::addslashes(explode("\t", authcode($auth, 'DECODE')));
        }
        list($user_pw, $user_id) = empty($auth) || count($auth) < 2 ? array('', '') : $auth;
        
        $usermodel = DZF::m('user');
        if($user_id) {
            $user = $usermodel->getuserbyuid($user_id, 1);
        }

        if(!empty($user) && $user['password'] == $user_pw) {
            $this->member = $user;
        } else {
            $user = array();
        }
    }
}